fuzz: commit test case for oss-fuzz issue 6884
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Wed, 14 Mar 2018 13:31:24 +0000 (14:31 +0100)
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Wed, 14 Mar 2018 14:20:02 +0000 (15:20 +0100)
This seems to be a false positive in msan:
https://github.com/google/sanitizers/issues/767.

I don't see anything wrong with the code either, and valgrind does not see the
issue. Anyway, let's add the test case.

We don't have msan hooked up yet, but hopefully we will in the future.

oss-fuzz #6884.

src/test/test-socket-util.c
test/fuzz-regressions/fuzz-unit-file/oss-fuzz-6884 [new file with mode: 0644]
test/fuzz-regressions/meson.build

index e35a27fa61a5b2eee30f768828b78854decb15ec..76896b0328174afd5b86b8590bd23f7dd07d828b 100644 (file)
@@ -118,6 +118,9 @@ static void test_socket_address_parse_netlink(void) {
         assert_se(socket_address_parse_netlink(&a, "route 10") >= 0);
         assert_se(a.sockaddr.sa.sa_family == AF_NETLINK);
         assert_se(a.protocol == NETLINK_ROUTE);
+
+        /* oss-fuzz #6884 */
+        assert_se(socket_address_parse_netlink(&a, "\xff") < 0);
 }
 
 static void test_socket_address_equal(void) {
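Review bot: The added assertion only checks that `socket_address_parse_netlink(&a, "\xff")` returns a negative value, so in an ordinary build it cannot detect the condition MSan reported; it becomes a regression guard only when this test runs under a memory sanitizer. The comment `/* oss-fuzz #6884 */` should say so, for example `/* oss-fuzz #6884: a lone 0xff byte must be rejected; the report came from MSan, so this is only meaningful in a sanitizer build */`. Note also that `a` still holds the result of the preceding successful "route 10" parse, so the test says nothing about the contents of `a` after a failed parse. The body of test_socket_address_parse_netlink starts outside this hunk.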
diff --git a/test/fuzz-regressions/fuzz-unit-file/oss-fuzz-6884 b/test/fuzz-regressions/fuzz-unit-file/oss-fuzz-6884
new file mode 100644 (file)
index 0000000..00d105a
--- /dev/null
@@ -0,0 +1,3 @@
+socket
+[Socket]
+ListenNetlink=ÿ
\ No newline at end of file
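Review bot: The value in `ListenNetlink=ÿ` must be the single byte 0xff to match the `"\xff"` input used in test-socket-util.c, and as displayed that is ambiguous. If the file was saved as UTF-8, the value is the two bytes 0xc3 0xbf and the regression input no longer exercises the reported case. It is worth confirming the committed blob with a hex dump and treating the file as binary so editors and text filters do not re-encode it. The missing trailing newline is presumably part of the fuzzer's original input and should be preserved as well.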
index 25ec51148b1e4e688594250ba67fb18beb02f13e..c1416f93cf3cfd926dec7e1fc07cf37babdf4cf6 100644 (file)
@@ -29,4 +29,5 @@ sanitizers = [['address', sanitize_address]]
 fuzz_regression_tests = '''
         fuzz-dns-packet/oss-fuzz-5465
         fuzz-dns-packet/issue-7888
+        fuzz-unit-file/oss-fuzz-6884
 '''.split()